Sunday , October 6 2024
Palo alto

CERT-IN Warns Vulnerabilities in Palo Alto Networks applications

Indian Computer Emergency Response Team (CERT-IN) issued advisories about multiple vulnerabilities in various Palo Alto Networks applications. Attackers could exploit these vulnerabilities to access systems without permission, steal important information, and potentially run harmful code.

Vulnerabilities in Palo Alto Networks:

First Half Of 2024 Report
Bangladeshi 32.4% government websites face cyber attack: NAS report

National Attack Surface (NAS) report for the first half of 2024 reveals that 56.6% of cyberattacks in Bangladesh targeted educational...
Read More
First Half Of 2024 Report  Bangladeshi 32.4% government websites face cyber attack: NAS report

Prince Ransomware Hits UK and US

A new ransomware campaign is targeting individuals and organizations in the UK and US. The "Prince Ransomware" attack uses a...
Read More
Prince Ransomware Hits UK and US

CISA warns active exploit of Zimbra & Ivanti endpoint manager Vulns

CISA has issued an urgent alert about critical vulnerabilities being exploited in Synacor’s Zimbra Collaboration and Ivanti’s Endpoint Manager (EPM)....
Read More
CISA warns active exploit of Zimbra & Ivanti endpoint manager Vulns

A summary of “2024 State of Cybersecurity survey” by ISACA

ISACA 2024 survey report reveals that 66% of cybersecurity professionals find their jobs more stressful now than five years ago....
Read More
A summary of “2024 State of Cybersecurity survey” by ISACA

ISACA reveals
64% of Australian cybersecurity professionals feel increasing stress

A recent study by ISACA shows that almost two-thirds of cybersecurity professionals report increasing job stress. The 2024 State of...
Read More
ISACA reveals  64% of Australian cybersecurity professionals feel increasing stress

Researchers detected 31 new Malware in September

In September, cybersecurity experts discovered 31 new ransomware variants that threaten individuals and businesses. These programs encrypt valuable data, making...
Read More
Researchers detected 31 new Malware in September

CRI Release New Ransomware Response Guidance

New guidance on ransomware, released during this week's International Counter Ransomware Initiative (CRI) meeting, encourages victims to report attacks to...
Read More
CRI Release New Ransomware Response Guidance

ALERT
Over 700,000 Routers Vulnerable to Hack for 14 security flaws

Over 14 new security flaws have been found in DrayTek routers for homes and businesses, which could allow attackers to...
Read More
ALERT  Over 700,000 Routers Vulnerable to Hack for 14 security flaws

Patch it now!
Critical Zimbra RCE flaw exploited: Needs Immediate Patching

Hackers are exploiting a recently revealed RCE vulnerability in Zimbra email servers that can be activated by sending specially crafted...
Read More
Patch it now!  Critical Zimbra RCE flaw exploited: Needs Immediate Patching

CISA Warns
Network switch RCE flaw impacts critical infrastructure

CISA warns of two serious vulnerabilities in Optigo Networks ONS-S8 Aggregation Switches, which could allow authentication bypass and remote code...
Read More
CISA Warns  Network switch RCE flaw impacts critical infrastructure

The vulnerabilities include CVE-2024-5915, CVE-2024-5916, and CVE-2024-5914.

GlobalProtect App: Privilege Escalation Vulnerability (CVE-2024-5915):

Older versions of the Palo Alto Networks GlobalProtect app have a critical vulnerability. This vulnerability in the app on Windows devices allows a local user to run programs with higher privileges.


Users are advised to update your app to version 5.4.5 or higher to fix vulnerability CVE-2024-5915 and reduce the risk.

PAN-OS: Information Disclosure Vulnerability (CVE-2024-5916):

A new vulnerability, known as CVE-2024-5916, impacts Palo Alto Networks PAN-OS, a network security operating system. It’s classified as an “information exposure” problem.

If any attacker takes advantage of this vulnerability, they could get important information like passwords and tokens to access other systems. They could use this information to attack the network or compromise other systems.


The vulnerability allows a read-only administrator to access sensitive details in the configuration log. This shows how important it is to give users the minimum access they need to do their tasks.

Resolution: The problem has been solved in PAN-OS 10.2.8, PAN-OS 11.0.4, and later versions. After upgrading PAN-OS, users should also revoke any compromised secrets, passwords, and tokens configured in server profiles (Device > Server Profiles) on affected PAN-OS firewalls.

Cortex XSOAR: Command Injection Vulnerability (CVE-2024-5914):

There is a vulnerability in older versions of Palo Alto Networks Cortex XSOAR. This vulnerability, known as CVE-2024-5914, is a “command injection” flaw in the CommonScripts Pack, which is a collection of scripts for automating security tasks.

Command injection vulnerabilities let attackers insert harmful code into trusted applications. In the case of Cortex XSOAR, if successfully exploited, attackers could run any command within an integration container. This could let attackers move within the network, steal data, or disrupt security operations.

Resolution:

Problem resolved in Cortex XSOAR CommonScripts v1.12.33+. Users are advised to update to the latest version to stay secure.

Protecting Against the Palo Alto Networks Vulnerabilities:

Palo Alto Networks has issued patches to fix these vulnerabilities. Users should update their software as soon as possible to reduce these risks.

 

Check Also

Malware

Researchers detected 31 new Malware in September

In September, cybersecurity experts discovered 31 new ransomware variants that threaten individuals and businesses. These …

Leave a Reply

Your email address will not be published. Required fields are marked *